Google: Hackers used AI to develop zero-day exploit for web admin tool
… The exploit could be leveraged to bypass the two-factor authentication 2FA protection in a popular open-source, web-based system administration tool that remains unnamed. …
Search
Flipper One project needs community help to build open Linux platform
… Download Now Related Articles: Exploit released for new PinTheft Arch Linux root escalation flaw Exploit available for new DirtyDecrypt Linux root escalation flaw Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026 Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own New Fragnesia… …
GitHub investigates internal repositories breach claimed by TeamPCP
… The Trivy breach also affected the LiteLLM open-source Python library in an attack that infected tens of thousands of devices with its "TeamPCP Cloud Stealer" information-stealing malware. …
TeamPCP hackers advertise Mistral AI code repos for sale
… Earlier today, OpenAI also confirmed that the TanStack supply-chain impacted systems of two of its employees who had access to “a limited subset of internal source code repositories.” A small set of credentials was stolen from the repositories, but the investigation found no evidence that they wer… …
Android 17 to expand banking scam call and privacy protections
… Download Now Related Articles: FBI warns against using Chinese mobile apps due to privacy risks ScarCruft hackers push BirdCall Android malware via game platform Telegram Mini Apps abused for crypto scams, Android malware delivery 'NoVoice' Android malware on Google Play infected 2.3 million device… …
OpenAI confirms security breach in TanStack supply chain attack
OpenAI confirms security breach in TanStack supply chain attack By Lawrence Abrams May 14, 2026 03:07 PM OpenAI says two employees' devices were breached in the recent TanStack supply chain attack that impacted hundreds of npm and PyPI packages, causing the company to rotate code-signing certificat… …
Tycoon2FA hijacks Microsoft 365 accounts via device-code phishing
… Download Now Related Articles: Device code phishing attacks surge 37x as new kits spread online New EvilTokens service fuels Microsoft device code phishing attacks Tycoon2FA phishing platform returns after recent police disruption ConsentFix v3 attacks target Azure with automated OAuth abuse New VE… …
Hackers bypass SonicWall VPN MFA due to incomplete patching
… SonicWall warned in a security advisory for CVE-2024-12802 that installing the firmware update alone on Gen6 devices does not fully mitigate the vulnerability, and a manual reconfiguration of the LDAP server is required. Failing to do so leaves open the possibility of bypassing MFA protection. …
Ukraine identifies infostealer operator tied to 28,000 stolen accounts
… The malicious operation caused $250,000 in direct losses, including chargebacks. “To carry out the criminal scheme, the attackers used 'infostealer' malware that secretly infected users’ devices, collected login credentials, and transmitted them to servers controlled by the attackers,” the police s… …
Signal adds security warnings for social engineering, phishing attacks
… Download Now Related Articles: TikTok for Business accounts targeted in new phishing campaign FBI links Signal phishing attacks to Russian intelligence services Webinar tomorrow: Why security alone won't stop modern attacks Webinar this week: Prevention alone is not enough against modern attacks An… …